class HomeController < ApplicationController
  
  
  def index
    #login page 
    
  end

  #def admin
    #redirect_to :action => 'admin'
  #end

  def register
    #new user registration details....
   
   #redirect_to :action=> 'register'
  end

  

  def guest
    #redirect to guest page
    #redirect_to :action=> 'guest'    
  end


def authenticate 
        #User.new(params[:userform]) will create a new object of User, retrieve values from the form and store it variable @user. 
        @user = User.new(params[:userform]) 
        #find records with username,password 
        valid_user = User.find(:first,:conditions => ["username = ? and password = ?",@user.username, @user.password]) 
 
        if valid_user
          if valid_user.username == "admin" and valid_user.password == "admin"
          flash[:notice] = "welcome admin"
          session[:user_id]=valid_user.id
          redirect_to :action => 'admin' ###and return
          else
            flash[:notice] = "welcome registered user"
            session[:user_id]=valid_user.id   #####
            redirect_to :action => 'private' 
          end   
          
        else 
            flash[:notice] = "Invalid User/Password combination" 
            redirect_to :action=> 'index' ###and return           
        end
          
                  
        
  end 
      
      def logout
        flash[:notice] = "Logged out"
      redirect_to :action=> 'index'
    end
    
    def private
      if !session[:user_id] 
      redirect_to :action=> 'index' 
    end
    
    params[:id] = session[:user_id]
    @user = User.find(params[:id])

    respond_to do |format|
      format.html # private.html.erb
      format.xml  { render :xml => @user }
     end    
    
    end
    
    
    
end    